Slashdot Mirror
Even With Telemetry Disabled, Windows 10 Talks To Dozens of Microsoft Servers (voat.co)
An esteemed reader writes: Curious about the various telemetry and personal information being collected by Windows 10, one user installed Windows 10 Enterprise and disabled all of the telemetry and reporting options. Then he configured his router to log all the connections that happened anyway. Even after opting out wherever possible, his firewall captured Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft. Even the enterprise version of Windows 10 is checking in with Redmond when you tell it not to — and it's doing so frequently.
Is anybody surprised by this?
Microsoft has pretty clearly telegraphed they don't give a shit about what the people who own the machines want, and they're going to do whatever the fuck they want.
That Microsoft is doing this is surprising in no way to me.
Microsoft simply can't be trusted to not just do what they please here.
Lost at C:>. Found at C.
For the enterprise version we really need it predictable so it can be managed. Even if talking to MS is harmless and overall a good thing, it means you are having your computer talk to something you may not want too.
At work we are still on Windows 7 with little chance going over to 10 because of stuff like this. (I would prefer Linux, but our management is stuck in the 1990s)
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
"Don't worry, your data is encrypted and nobody will ever know what it is besides our business partners."
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
I'm not sure how any company or business that deals with information that requires security by law could be using Windows 10. It would seem that defense contractors, law enforcement, financial and tax services as well as anyone subject to hippa laws would be in default automatically because what is sent is not documented.
Maybe it is time for a class action or something to get it turned off for real.
The Microsoft shills normally go down one of these paths:
1)- "You can turn it off if you pay for it"
(this ignores that you can't really buy enterprise and is malicious behavior in general, ignores that you can't turn stuff off in pro- but now it ALSO ignores that EVEN ENTERPRISE HAS NO TOGGLES!)
So it's BIG news because it means that even Enterprise is tucked into their botnet.
2)- "But google does this on their phone OS"
(this ignores that a phone OS isn't the same as a desktop OS, ignores that phones are pretty terrible at privacy and that this is due to several vendor lock-ins that don't have good outs, ignores that there's phones that DON'T do this, and is just generally so full of false equivalences that it's ludicrous on the face of it)
3)- "I have nothing to hide / you're old if you care"
(this is something a marketer would say, not a rational person- no one actually wants to buy or use spy tech)
4)- 'You can turn it off"
(this article is the latest showing that NO YOU CANNOT- someone will post one of the scripts or spybots or whatever that purports to disable it, and might even, but if you need some crazy tech solution to get your OS to MAYBE not spy on you ludicrously, it's a terrible OS)
So finding it in Enterprise destroys (1) even further, and is interesting for (4) as well.
I'm sure it won't stop them shills shilling though.
What happens when you block those IP addresses? Will Win10 stop working?
Any monetary transactions I do these days is on my PC-BSD laptop or on either of my phones. I don't keep ANY financial stuff on my Windows laptop. Which btw, the only reason I have is that my work requires it. For all personal stuff, it's PC-BSD
> Windows 7, 8, 8.1, and 10
Telemetry has been pushed to 7, 8, and 8.1, but you can absolutely remove those updates. Without telemetry they behave as they did before- somewhat sketchy because they are Microsoft, but nowhere NEAR what we see in 10.
Hpw about if the NSA and google stopped doing it? How about microsoft doesnt do it. How about instead of cheering them on and saying, "if others are doing it why cant an OS" you just go die in a fire?
so you trust your platform firmware? Do you have the source?
Intron: the portion of DNA which expresses nothing useful.
In true Slashdot fashion, I didn't read TFA just the TFS. Assuming that the source is capable (ie, did everything practical to disable telemetry, including any weakly published registry settings, etc) and is accurately counting firewall hits (how many of these are one telemetry source retrying relentlessly?) and not attempting to be an anti-MS shill, this really sucks that disabling it per MS instructions doesn't actually disable it.
That being said, does it affect functionality? Does stuff not work (for all definitions of not work -- from not all to pokey slow because it's trying and faiiling to hit a telemetry server)?
While I would expect corporations with an eye on security to object, I would also expect places like that to have a fairly stern outbound firewall policy and filtering system that would block a lot of telemetry by default, mitigating some of this but still not eliminating the annoyance of a machine that does what it wants.
I'm also curious how much analysis of telemetry has been done. Do we know what processes on the machine are responsible for telemetry, and are there any ways to disable them? Have the telemetry messages been analyzed to develop firewall rule groups to block them by IP, URL or DNS?
I've set up 4 new PCs with Windows 10 fresh installs the last few weeks. The first thing I do is go to "computer management", "services", and stop indexing (windows search) and change it from "automatic startup" to "disabled". The only thing bad it does is prevents windows media player from sharing or retrieving media files that are shared in your local network. But I use VLC instead of WMP anyway, so no big loss. I have a hardware firewall, so I disabled windows firewall in settings, but find it's still running as a service, and causing network share problems. I disabled windows firewall service, but that breaks windows update. They've fucked up windows so bad that you can't make it do what you want. These are set up to dual boot with Linux, and in Linux I have no problem making it do what I want.
I use a Linux machine in a similar fashion, it's where I do critical web work (banking etc) the rest of the time it's off, I run Windows for gaming and video/music editing and I have a iMac running Centos VM where I do all my web surfing that isn't banking.
I routinely dump the VM and open a pristine copy.
I always use VPN for all web surfing.
Yes I have a problem with this. Why are you surprised by that?
Will you please explain why naming NSA and Google will magically remove the seriousness of this spying?
And while you are busy, can you also explain why we desperately need another piece of spyware?
And yes - I have nothing to hide, and NO I do need to prove that by inviting spyware to check me..
What happens when you block those IP addresses? Will Win10 stop working?
That'd be my guess. No updates and a non-functional machine except for a screen with a "Click Here To Upgrade" button.
Just cruising through this digital world at 33 1/3 rpm...
I do my check deposits on my phone - the alternative being driving to a bank and going through that process. Any payments or anything - the PC-BSD box.
Love to filter out posts which merely contribute variants of "No surprise here" or "Blah does this too" or "Who cares about privacy".
How about a -2, since it is sort of a spam-comment?
Since I can't read source code, I don't give a fuck!!! I trust the FreeBSD peeps.
Has anyone analyzed the data being sent? Or is this a big assumption? Could this be other apps that were installed by default 'calling home'? I'm not doubting that MS might do this, but in all fairness, this seems example seems like unsubstantial speculation....and a pretty weak 'test to boot. Remember that high school class who put sprouts by a wifi router and found the 'closer plants died'? I did the same thing for fun, and found the closer sprouts actually grew faster and more abundantly, probably since they were warmer. Shouldn't we suspend judgement until further tests and confirmation is made...?
It's a Microsoft operating system, and by installing it you agree to their EULA. You have agreed to all this. MS can do what they want as they own the machine you run it on - end of story. The only way out is to use a.n.other OS. But you will not.
Ubuntu is worse, actually. Not only does it send searches, but each individual library or package can phone home to a different developer with different information collected about your system. When something crashes, the crash dump is automatically provided to the developer. This even occurs with browsers like Firefox, which can reveal what you were doing with the browser at the time of the crash. There are packages in GNOME and KDE that exist for the sole purpose of reporting back private data when a crash occurs. It's a bad situation on Linux, and unlike Windows, virtually none of the software contains a privacy policy. The GPL sure won't protect against things like this. There's also more incentive for Linux software to monetize user activity because, unlike Windows, there generally isn't a revenue stream from people purchasing the software. It's actually worse on Linux.
You need to provide details. I know there have been some issues with Ubuntu phoning home, but when you say individual libraries can phone home, do they? Which ones?
Crash dump automatically provided to developer? An example, please?
Packages that exist to report back private date? Which ones?
If you can't provide backup, you're just spewing FUD. Do you work for Microsoft?
> How does, say, Ubuntu Linux compare to Windows 10?
GTFO FUD PEDDLER
Ubuntu has an option that can be turned off for ONE fucking search menu. And they are removing it due to negative feedback.
And if you give even a tenth of a fuck about this trivial to delete, soon to be removed default USE FUCKING MINT INSTEAD.
Or Debian, or Fedora, or Arch.
Ubuntu is just one of many Linux distributions. If you don't like something they do, move the fuck on.
...this is legal?
One place where I've found Windows better than Android is the ability to download YouTube videos. In Android, all the YouTube apps are disabled from downloading by Google's terms of service, whereas on my Winbook, I can use any YouTube downloader, like Hyper, to get it done. I've not tried iOS apps in this regard.
As far as games go, I'm waiting for PC-BSD to include SteamOS jails in the OS, so that I can play my civilization games there.
Windows 10 collects EVERYTHING: indexes of your harddrives and other storage devices, your e-mails, contents of select documents, who you talk to and what you talk about, even what you type on the keyboard is recorded, compressed, encrypted, and sent back to Microsoft.
Bullshit.
I don't respond to AC's.
If you block connections, what would have normally been one successful connection can become many connection attempts. It's also possible that retries for the same thing would use different IP addresses. Someone needs to try an experiment like this without the blocking. A log of the data being transmitted would also be interesting. A lot of that is probably encrypted, but https monitoring via wildcard certificate MITM could capture some in decrypted form.
Facepalm.
> Ubuntu is worse, actually.
Lie.
>Not only does it send searches,
You can turn off the search send. It's being removed soon. If you care, don't use Ubuntu, use any other Linux. There's no one else providing distros of Windows to run to when Microsoft fails. They have failed.
> but each individual library or package can phone home to a different developer with different information collected about your system
First, it asks you each time, you can uncheck a box.
Second, here's your fix:
apt-get remove apport
Did you want to keep it around? Edit /etc/default/apport and change "enabled" to 0. Then it won't launch on boot.
It's optional, it can be disabled, and it asks you each fucking time anyway.
> There's also more incentive for Linux software to monetize user activity
There's no incentive for Linux (a kernel) to do this. There's no incentive for Linux as a general OS to do this. There is incentive for SOME companies that have Linux distributions to try to "monetize users", but you can, of course, simply not use their products- because Linux is a whole set of distributions.
Are you done with the fud? We'll never know AC, we'll never know.
He's talking about apport, I'm pretty sure. I responded to that. He's also pretending that a box you can uncheck using a program you can disable or uninstall in one single distro out of hundreds (and not even the most common one) is the same or worse than Microsoft dumping data that only they can decrypt over thousands of connections silently.
#5: I don't give a shit.
I don't respond to AC's.
The Amazon search function is easily disabled or removed from the system. Or if you are using a DE other then Unity, isn't there to begin with.
It is my understanding (not positive on the way apt behaves, but yum/dnf works this way) that since apt-get update/upgrade has no way to report back to Canonical since it's just an HTTP/FTP request to a random mirror, which only occurs when you tell it to run anyway. Plus, Microsoft is doing much more then just checking for updates (it checks and installs at will in Windows 10, you can not disable it in Home/Pro versions).
In summary - it's not so similar after all in scope or in your ability to control it.
I'm starting to think GNU is the problem with "GNU/Linux" these days.
Really think they are not using this collected data against your business.
What does that even mean?
I don't respond to AC's.
I think that was true way back when... now; obviously not.
Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
One problem with the approach used is that the firewall is configured to drop all connections. This is not a realistic picture.
An analysis of the content would also be interesting because even with telemetry disabled, there are plenty of reason for connecting to Microsoft servers such as software updates. Most of them are port 80 and port 443. Port 80 is normal http traffic and is easy to analyse, port 443 is encrypted so it is a bit harder but if you can add your own certificate authority to the windows install, you can try doing man-in-the-middle. There is also UDP port 3544 which is related to IPv4 - IPv6 transition, which in itself is probably harmless but may hide other connection attempts (that's one of the reasons why you won't get a realistic picture by dropping everything).
The only thing this experiment tells us is that Windows communicates with MS servers even with telemetry disabled. It smells but without further analysis, it is not very useful information.
> "computer management", "services", and stop indexing (windows search) and change it from "automatic startup" to "disabled". The only thing bad it does is prevents windows media player
Careful with that, especially in an enterprise environment. I don't know what idiocy made them couple it, but if you do this you will not be able to properly search your emails in Outlook.
And since it fails in a very non-obvious way (seems it uses an old index and _partially_ searches newer mails) debugging that can be a lot of fun.
What, no P.S.=> this time?
go back to 3dfiles AlecStaar
But you have to be careful that MS doesn't detect they're gone and re-download/install them.. I gave up dealing with them and moved all of my systems to Linux completely (used to dualboot Windows) back in 2010. After seeing the shitstorm/nightmare that is Windows 10, I couldn't be happier with my decision...
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
Hey!! The NSA needed *something* to fill up that big datacenter in Utah, so they bugged their partner, MS, to provide the "stuffing" for all that diskspace...
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
I have what I consider a toy computer called an Acer Aspire Switch 10, portability it's goal, The display will detach from the bottom half, usable then as a tablet, You can update to Win10 you can't downgrade, and it came installed with Win10.
I didn't need any test run to know what to do, electrical tape over the camera, and while I turned the microphone off (you can talk to it "open so and so") I'm sure it's very much active.
While stated in the TOS, they have no warnings such as from Samsung which basically says: "my god folks we can hear every word you say".
http://yro.slashdot.org/story/...
It's what they tried to have the Xbox do but were shouted down from that approach, while everything else MS sales has it's abilities.
Oh no I don't trust it at all, it was a gift so I keep it around, stopping it from connecting to the WiFi whenever it wants is checked often to insure it's not, as that's one of it's built in "features", it will find a source and connect, camped my phone for awhile.
So I can log into a terminal session on my home router. The router also supports blocking hosts by either IP address or by hostname. Somewhere on it those hosts must be in a config file, and I can probably just edit that file via a console. This means I can run a script. A script that can periodically check for an updated list of hosts to block. Either I or someone else can maintain such a list.
This list puts all their shit out of business. This is the way of the future then. I look forward to the new generation of broadband modems coming out to support blocklist technology exactly for this purpose: To block evil companies from spying on and tracking us.
My guess is, if the author were to carefully track this, that eventually it will be noticed that, following upcoming system updates to Windows, that the hosts he has listed will magically change and there will be new ones. Microsoft and its evil cohorts can easily shuffle around IP addresses in response to this. So running a blocklist filter on home broadband modems/routers is the way to go now for the future of privacy.
> Will Win10 stop working?
Not yet it won't. That's the game the Windows users are playing right now- a bunch of firewall settings. Some data is passed ignoring hosts files, so there's talk about an application firewall so you can keep using Windows.
Of course, all Microsoft has to do is a throw Switch-A and everything changes and all those guys have to change their block settings, or throw Switch-B and your system stops working if it hasn't spied on you in a while.
But in the meantime, Windows users are so desperate that they are basically considering building and using a guard.
Make network devices designed specifically to shut off all Windows 10 spying. Looks there should be a good market for this. Anyone know of product announcements? I'd be interested in a consumer-priced one. As it is I am stocking up on Windows 7 systems - the last usable MicroN$Aoft OS product.
Starships were meant to fly, Hands up and touch the sky - Nicky Minaj
> so you trust your platform firmware? Do you have the source?
First, some people DO have the firmware source. But you are correct that you can't get it for most things. Second, firmware has a much harder time of being written maliciously- it can happen, and it's a worthy fear, but it's nowhere near as ludicrous as what a malicious OS can do to you. The biggest fear about firmware is that it has a backdoor that can be triggered remotely and load bad code- something that hasn't been observed in the wild yet, nor leaked as a capability. Until a year ago, I wasn't even concerned about it being a possibility, but once we saw all the strange backdoors in goddamned everything... I'm now of the opinion that all firmware should be inspectable, and there needs to be a trusted ROM as well (actual ROM, not the dynamically reflashable stuff).
But again, this is a possible threat only. The OS situation is something you can and should be able to address today, to address known and extant data leaks.
MS are acting more like a creepy stalker than a software company nowadays. I used to poke fun at Steve Ballmer's odd public image and seemingly strange behaviour, but he ran a better MS than Nadella could ever dream of. Admittedly that is the perspective of a user rather than a shareholder, but you need to please one group in order to please the other. Maybe it is because Ballmer has somewhat more history with the company. Maybe he learned how not to alienate people. Even though people used to joke that MS were evil, they always made the product I wanted and needed. Their business practices could often be subject to vaild criticism, but their operating system was typically the best option at least for me. That has all changed. I don't need or want Windows 10. I've tried it, and it isn't too awful on the front end, but the shenanigans behind the scenes are too much for me.
I'm currently dual boot still, to a 7 install that I turned off ALL updates for. I use it for posting to trusted sites (obviously that works in Linux) and video games at this point, and man I wish I had a better solution for those games. The lack of security updates will eventually make the web too risky for the Windows drive, if it hasn't already (serious browsing is already relegated to Linux). I've considered an OS X setup on a second computer, but that only solves SOME of my games. Looking towards the future, I've stopped buying new Windows games, instead grabbing a PS4 and Wii-U. Hopefully that will tide me over to an era where Vulkan exists and has a game or two I'm really into on Linux. I like to play a few games a lot these days, instead of many games a little, so game devs that make a great Windows game and port it nowhere are really cramping my style.
On the bright side, I spend so much more time in Linux now that I'm already vastly less concerned than I was before- in the next couple months I plan to remove all my data not needed for gaming from the Windows partition (I already should have copies). That will make it basically "boot unpatched xbox OS", and it wouldn't be able to attack my Linux drive without truly extraordinary measures (UEFI virus, targetted attack, etc- stuff I'm not personally concerned about, though it would still be better to have more security than less)..
He has far more than he would ever get from Microsoft, isnt that enough? Try adding something useful and helpful to the conversation, not just snark. Most of us here are familiar with the regressive-logic hell that is Trust.
Good-bye
Are we to the point of a class action lawsuit or a Congressional investigation?
If all we're talking about is everybody here boycotting Microsoft, it's not going to work. We're a very tiny percentage of computer users.
What realistically can be done about it?
> Let's not start spewing FUD like that before we actually know what is stored in the packets sent to Microsoft.
Ok AC, you reign in those accusations. The rest of us will discuss how to disable the keylogger:
http://thehackernews.com/2015/...
And be sure to disable these KBs in Windows 7 and 8:
http://thehackernews.com/2015/...
And be sure to download stuff that stops it, for now, maybe:
https://www.reddit.com/r/Windo...
The EULA states that you agree to have your keystrokes sent and such:
https://privacy.microsoft.com/...
"...we share personal data among Microsoft-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement..."
"We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets."
"Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders on OneDrive), when we have a good faith belief that doing so is necessary to:
Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies... ...protect the rights or property of Microsoft..."
Protect our customers...
So basically, they'll disclose your data for almost any goddamned reason, including making an agreement with a third party to disclose your data to them in exchange for money.
And what data in question?
"Microsoft collects and uses data about your speech, inking (handwriting), and typing on Windows devices to help improve and personalize our ability to correctly recognize your input."
" It also includes associated performance data, such as changes you manually make to text..."
Microsoft also tries to guard you from Malware, a noble purpose... but in doing so it can leak pretty much all of your URLs.
The statement you respond to is not quite correct because the line about the "indexes of your harddrives and other storage devices" appears to be specific to the technical preview. But other than that, yea, it's pretty much spot on.
[ I can't tell if others have commented on this ]
The kind of traffic matters. Some external communication is reasonable.
NTP, to synchronize clocks.
Checking for certificate revocation.
Checking for the existence of security updates.
Downloading lists of sites known to be malicious.
You can take responsibility for these functions, but servers need to get them done.
Don't mess with The Phone Company. Piss them off and you'll be using two tin cans and a piece of string.
The technical preview did push your directory up to Microsoft. I can't find anything in the EULA still giving them permission to do that for the release version though.
Anything you type can go up to Microsoft. That's the input personalization thing, and the EULA means you grant this permission in general. If your emails are kept on outlook, then they also have them, and have a nest of excuses about when to divulge them (including law enforcement, of course, but also just if they make agreements with third parties). Contents of select documents? Well, the crash reports contain this, obviously, but also "Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and who you interact with on your device." Probably if you turn off input personalization and getting to know you and Cortana this gets turned off... are you sure though? EULA still in force, who knows.
The default settings for Windows 10 do everything except the hard drive index thing, and it used to do that too in the tech preview.
He installed win10 on VBox and let it go idle for 10h while he dreamt of dragons etc. So whatever you do, you should not have anything running that goes on and tells mama and papa - hey I am here etc. Whether this is the same or different servers or one or many cluster(s) is irrelevant too.
But can you reread your post? I mean, a 2d interface kinda should run fine on a quad core with 8 gigs of ram.... That's not something to boast about :)
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Say Windows 7
Even if you click to opt out of the "improvement program" or "customer Experience Improvement program" it will not take unless done in the task scheduler. There are normally three that must be disabled in that area, or your still in, and send reports.
Article didn't mention this idiosyncrasy.
Essentially I posted the same type of FUD about Ubuntu that was posted in the story about Microsoft. The trolling is well deserved.
You need help, but I could care less if you get it.
With MS doing the ET thing, suddenly the incentive for Linux distributions to go serious UI and retail sales push as a "Secure Windows Alternative" is now becoming potentially very profitable for both home and business users.
Would not be surprised to see a Linux Distribution go to full sales mode VERY soon, including TV ads.
> So, we're going to rightly complain about Microsoft invading privacy, but we're going to make excuses for Android. That's bullshit.
No it isn't. Again, the two things are not equivalent, and the fact that phones suck at privacy is NOT reason to go make desktops suck at privacy too.
I don't give Google a free pass. But if Google gets brought up while we are rightfully bashing Microsoft, there's normally ONE reason: to try to normalize Microsoft's behavior. This makes the conversation into a useless expenditure of effort.
The fact is, Microsoft is generally worse than Google about privacy, even if you count Android. But that conversation is this back and forth between someone who is more opposed to keyloggers and serious envelope information leakage about what local applications are used when ("transmit a packet when notepad opens") versus someone who is more opposed to a mostly blind search finding some keywords and displaying sketchy adds because you were discussing a naked singularity in your email. The original shill post is long gone, and the nerds have descended into fighting over which shitty approach is more shitty.
It's meaningless.
If someone had an article about comparing the different forms of exploit info being used against their customer, THAT would be the appropriate place for it.
But for it to come up in this thread, and any other thread about Microsoft is OFF FUCKING TOPIC. Windows 7 (fresh install, don't add the telemetry KBs) isn't a total pile of shit on privacy. Windows 10 absolutely is. Google has NOTHING to do with this!
Also related: You have two main options when it comes to Android spying. The first is to root your phone and fix it, which has a host of downsides- now you are sysadminning your phone, now it's a hobby box as well as production for you, etc. If you are passionate, you will probably do that. The second is to use a goddamned iPhone, which everyone pretends is just as bad on privacy but it really isn't. This isn't a great argument point, however- Apple is perpetually one patch away from having ruinous privacy policies, because they are such a proprietary solution. So you have options even within the "phone" field.
And again- THE FACT THAT PHONES SUCK DOESN'T MEAN WE SHOULD THROW OUR HANDS UP AND ACCEPT THAT DESKTOPS SUCK TOO NOW.
It's a false equivalence, it's offtopic, it devolves the conversation, it's fucking WRONG in the first place (because Microsoft is way shittier than Google with what it is collecting), and that's why it's a top tier shill argument that I see trotted out in every fucking Microsoft thread. It's so clearly from List_of_bullshit_to_post_when_we_get_called_out.txt that it's stupid.
Sure, but I bought it at the end of 2008 specifically knowing I'd run Vista on it, and my way of future proofing is as much cheaper trailing edge CPU as I can find, and as much RAM as I can afford -- especially since I'd seen our poor QA guys trying to run it on a cobbled together machine with 512MB of RAM.
It worked just fine until the machine keeled over about a year ago, but it was starting to push the memory (I was also running VMware on it).
Then I replaced with a box with an AMD FX-8320E/8 core and 16GB of RAM ... over many years I've found almost nothing future proofs a machine than what sounds like a stupid amount of RAM.
Part of the problem is I don't think "minimum specs" for a Windows machine has ever been anything but a lie. It's always required much more than MS ever claimed it should.
It still amazes me that people are still selling machines with 4GB of RAM like it was 10 years ago. That just screams of leaving people with machines with far too little resources.
Even in 2008 machines with 4GB of RAM wasn't nearly enough.
Lost at C:>. Found at C.
what's normal is what's defined in society. I remember a story about some Africans who migrated to the US to escape persecution. They were used to very little privacy because of their living conditions. When they moved to the US they suddenly had lots of the stuff. So much they had mental problems from the disconnect with people.
A lot of American obsession with privacy is brought on by puritan style shaming. E.g. we do have stuff we want to hide, even if we don't really need to. Yeah, there are really good examples where our privacy can be infringed (the stuff their doing with license plate readers is downright scary) but you can definitely take it too far, and there's a case to be made that America has.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Download a copy of virtualbox.
http://saveie6.com/
No proprietor can be trusted, that's what the free software movement has been telling us for decades. It's not at all surprising that a company which has been distributing proprietary malware for a long time continues to do so. Only people who think they know an OS by running it for a long time or want to believe that a proprietor-supplied control would truly protect one's privacy from the proprietor would believe otherwise.
Digital Citizen
But minimum specs are for running only Windows - not even any bundled applications like calendar, calculator, minesweeper, or recommended ones like antivirus, MS Office. How many people do that?
Should MS be honest and include the memory requirements of typical application set? Yes. But that is not the way business communication works. Serving size of coca cola is 2 nanograms, you should ask your doctor for this medicine even though you are not qualified to decide and he is, Apple computers don't get windows viruses. All true, useless statements devoid of honesty.
Bingo Dictionary - Pragmatist, n. A myopic idealist.
Some of the addresses are hard coded, blocking them at the firewall or hosts file doesn't always work.
There are lists, and you can block them (there are programs to do so), however, as Microsoft has said, much of this is integrated into the OS, if you block them, the OS begins to lose functionality. For example, Smartscreen no longer works, so you get an error when installing a program, but you can bypass it, driver update also no longer works... Things like that. You might find these to be minor, and to an extent they are, but they do effect your productivity. I found it better to put my desktop back to Win7 and invest my time tweaking Win10 into switching over to Linux.
It's only a matter of time before malware to comes along and hijacks this system, which could prove very difficult to spot and remove.
Apparently, if you're running the minimum specs ... nobody!
Lost at C:>. Found at C.
Only use Microsoft to play computer games on. Keep that AV updated and use real OS's for other tasks.
Domestic spying is now "Benign Information Gathering"
WTH is with teredo even existing in windows 10 let alone enabled by default in enterprise edition? NOBODY uses Teredo for anything other than exfiltration of data from poorly managed corporate networks. The time for amateur hour unreliable automatic IPv6 tunneling has long since passed.
When you guys run these tests it is really helpful to capture DNS lookup data alongside so we can backtrack and make sense of the source. Once shit hits Akamai and similar MS operational abstractions it is harder to figure out what its for... reverse lookup after the fact is worthless.
As for MS I'm done... just can't put up with this shit anymore.
That's complete nonsense about not being equivalent. Desktop OSes are old tech, as such they did not have spying before. Smartphone OSes were created during the Internet era and have a ton of spying built into them. What's happening is that modern desktop OSes are catching up to smartphone OSes and adding spying. So yes, Android spyware OS is equivalent to Win 10 spyware OS.
Comment removed based on user account deletion
I think the point here is that Linux distros are not immune to the business tactics of proprietary, commercial software. Ubuntu has just tested the waters, and end-users need to keep on their toes.
Given that the industry as a whole is moving towards the model of giving everything away for free and profiting from data mining, it won't be long before sponsored ads and opt-out become the norm in the world of FOSS, too. Yeah, it's nice that if a FOSS project turns bad it can be forked. It's nice to say that the efforts of the distros don't affect the kernel itself. However, "Linux" itself isn't useful for much outside of servers and embedded systems, so almost everyone using this OS will be getting a distro, and that requires people to make educated choices as to which distro they can trust.
Lambasting people's concerns as mere FUD isn't going to help. There's real reason to worry about this stuff.
One other idea that would work for this would be to modify any app that engages in network activity to always append a unique identifier to all its traffic. Then filter software on the router could be trained to either allow or reject traffic from different apps.
So for example all network traffic coming from Firefox on a particular system would be configured to append a unique identifier to all its traffic. When the router sees a packet from Firefox it recognizes the unique identifier, then removes it and transmits it out to the Internet. I think this would probably be easy to do with Netfilter.
With this type of system the router could be set to deny everything except what it recognizes and explicitly allows.
I would actually combine this with the blocklist above for the highest level of safety.
Its funny too because this would kind of take the unique identifier idea - which has been used notoriously to track people - and turn it on its head to provide privacy.
OK this is Linux's Big Chance. The nost savvy most technically literate most intelligent people are going to, for the first time, really really be looking for alternatives to Windows because of this shit. I know I am (not to say I qualify as any of the above). Those people, that 5-10% decide for their familes, their inlaws their friends their co-workers what's cool, what's great and what you shoudl avoid.
So is Linux ready or does it still expect its everyday users to be keen to memorize lots and lots of magical incantations - "sudo apt etc etc etc etc" - in order to really GetShitDone?
Every time I wanted to do something on previous version of Ubuntu- purpotedly the most user-friendly version of Linux out there- I quickly found myself instructed by the cognesceti to solemnly intone this and that long incantation into the darkness of a dos prompt. That's a deal breaker.
Does anyone in Linux-land really understand that very basic fact? People know how to use my computers by memorizing trails through GUIs. That mimics how primitve people (people like me and and you) learned to navigate and find their way around the real world; they used signposts and landmarks to remind them where to do next. Folks, accept it- this is how are brains are wired to find things in a complex environment.
Text is NOT how we are wired to find things. We have no good memory for text- it's always an explicit labor of memorization. And those memories are remarkably frail and subject to confusion with similar text-based memories. That's why indexes and filing cabinets and encyclopedias are alphabetical- because otherwise we'd never find that thing we were looking at before just by remembering where it was last time.
But I can remember how to get to the store, how to get home, where that vacation camp is that I last visited 20 years ago. Because it's a trail, just the kind of thing my brain is specialized to remember, with landmarks thattrigger further memories, landmarks which effectively let me offload the work of explicit memorization.
So.. do we have a real GUI in Linux yet or am I going to have to sudo apt my way around still? Because this is most definitely the magical moment Linux has been waiting for - the Gigantic, Customer-Alienating, Self-Inflcited, Grand Windows Fuck Up.
It gets so that nobody who tells the truth and talks about the real facts and figures can survive within about five levels of management of the executive suite. Anyone who does immediately gets the bum's rush: incompetence, insubordination, bad judgement, blamed for someone else's incompetence or malfeasance, face doesn't fit, socially inept, politically incorrect... the list goes one for ever.
Hence the top management never gets to hear the truth;
Rumor is Nadella himself is actually kind of the opposite. He will go quiet and basically ask you "what do you do here" or "why are you doing thing X?", listen to you thoughtfully, and then decide with a finely-tuned BS detector whether you are competent to do your job.
Window 10 is so much worse than android:
1/ With Android they "only" log my activity when I interact with Google. I can avoid this, or at least I know when (using maps, Google Now, gmail etc). I can use my own mail services, Firefox, etc W10 logs *everything* , i've tried that experiment of watching it phone home when firing up the calculator.
2/ MS are moving to uninstall software automatically. Google have never done this.
3/ Even if I don't like this level of containment of Google I can replace their Android with Cyanogenmod. Even though a bit of a faff, there is no option to do this with W10.
4/ This is my PC, was an open device, I've come to expect this. I expect more from this than my phone or tablet. This makes W10 so much worse.
How long until media companies etc ask for undesirable programs to be removed or at least who has them so they can sue people?
When someone else that is not microsoft start to have fun with all those "hidden internet services".
If microsoft not trying to create an OS full of exploitable flaws fails at that quite miserably, imagine microsoft actually trying to do that.
That's complete nonsense about not being equivalent. Desktop OSes are old tech
That's complete nonsense. Mobile operating systems are crippled pieces of shit designed around a philosophy required to support ancient era of extreme hardware limitations which no longer exists. This is why the OS is not smart enough to detect and support available hardware like any sane desktop operating system. Instead separate images have to be built to support individual devices leading to predictable manageability and security nightmares.
Smartphone OSes were created during the Internet era and have a ton of spying built into them.
The most popular smartphone OS is essentially Linux with a crummy java shell. Android is open source and there is no spying built into it. Spyware is added separately via google play services and the cesspool of apps available from the Google play store.
What's happening is that modern desktop OSes are catching up to smartphone OSes and adding spying.
What's happening is modern desktop OSes are catching up with the business model of spyware and malware vendors.
So yes, Android spyware OS is equivalent to Win 10 spyware OS.
While the argument itself is nothing more than bandwagon fallacy given Android does not come with spyware the underlying assertion is also wrong to boot. Most smartphone vendors do bundle the google play spyware yet this is expressly separate from Android. It is no different than Lenovo bundling superfish with Windows. Windows itself does not come with superfish it was added by the hardware vendor.
Good to see the APK Sockpuppet Machine is still limping along and gasping for breath.
Il n'y a pas de Planet B.
There's plenty of outrage in the threads. Very little is based on facts and logic.
The methodology in this story set telemetry to "basic" instead of disabling it. Other features that are part of Windows' out of the box experience weren't disabled. The services that connect out weren't fully disabled, not even close. The router was configured to log and block outgoing connections. Even legitimate and desired services will retry failed connections and probably try different hosts. Ever take a look in Linux when yum can't contact a mirror? It doesn't just give up; it tries lots of other mirrors until either the list is exhausted or it finds one that works. This is desirable behavior, especially for essential services like Windows Update. Not trying different hosts would make the system vulnerable to a denial of service attack against a single host. The statistics reported were completely inflated by the chosen methodology, one in which telemetry wasn't even fully disabled. Other users have reported that fully disabling telemetry and shutting down non-essential services does reduce the outbound traffic to only Windows Update.
Regarding Android and Google, you actually brought it up in a post you made. I don't see anyone arguing that Google not respecting privacy justifies Microsoft not doing so. That's a straw man, which is a logical fallacy. The real issue is directing outrage mostly at Microsoft when there are plenty of others who deserve criticism for their practices.
You also make this very angry statement: "The second is to use a goddamned iPhone, which everyone pretends is just as bad on privacy but it really isn't. This isn't a great argument point, however- Apple is perpetually one patch away from having ruinous privacy policies, because they are such a proprietary solution." If this is actually a valid argument, it renders any of your criticism of Microsoft completely invalid. If you don't like Windows invading your privacy, you have the option to install Linux. Unlike your statement that Apple could modify their privacy policy at any time, that doesn't hold true for Linux. There are so many distros that even if a few chose to egregiously invade privacy, there are still a multitude of alternatives. Furthermore, open source software that engages in questionable behavior or makes poor licensing decisions tends to be forked. If your statement is true, then your criticism of Microsoft is invalid because you have choices like Linux, FreeBSD, or to buy a Mac. In fact, considering all the different distros, you have far more choices with a desktop OS than you do with phones.
There's a lot of hostility in your post, but you haven't touched on the real issues. In my experience, during the initial setup of an Android phone, the user is presented with options to disable sending telemetry to Google. While the box is checked by default, it's brought to the user's attention. I'm not aware of that happening in Windows 10. Furthermore, the versions of Windows 10 that most users will upgrade to won't present them with an option to altogether disable telemetry. Android presents me an option during setup to fully disable telemetry; I always do so, and therefore Android's telemetry doesn't bother me.
Yes, what Microsoft is doing is quite a bit worse than what Google does. But it's not for any of the reasons you've stated. And this story is based on a false premise. Let's stick to the facts, please. There's more than enough to justifiably criticize Microsoft for.
I hate all anonymous shitbags. Log in, you filthy bastards.
This is one of the truths on things being "Free"... 99 out of 100 questions always seem to have the same answer... $$$. You think Micro$oft is going to just give something away for "FREE"?? Ask me about my specials on bridges for sale... Someone has to pay for it, and our 4th and 5th Amendment Rights and any other privacy is obviously the price of admission. (Apparently they are also, without legal parental consent, conducting surveillance on all under 18 year-olds.. wonder what they do with that data??) If you want privacy in today's Orwellian world, you will need to air-gap your system and just never be online, or be very keen with linux or some other OS not designed from the ground up with constant surveillance in-built... Because it's FREE you know. (Bernie Sanders minded 'economists' need to really take some notes on this one...)
Having made the decision to not "upgrade" my question is - has anyone looked at win7 - does it also do this?
> The methodology in this story set telemetry to "basic" instead of disabling it.
That doesn't appear to be correct. Linked article states:
"I have chosen the customized installation option where I disabled three pages of tracking options"
It's possible that the ability to select "disabled" for telemetry instead of basic isn't in the three pages of tracking options, I guess. That's news in and of itself though, lol.
> Other users have reported that fully disabling telemetry and shutting down non-essential services does reduce the outbound traffic to only Windows Update.
So your point is that you can't disable telemetry during the installation, but there's some unspecified stuff that you can maybe do to turn it off later, if you have the Enterprise version they won't sell you? Sounds super.
> I don't see anyone arguing that Google not respecting privacy justifies Microsoft not doing so.
In this thread:
http://tech.slashdot.org/comme...
"Google does this a lot more than Microsoft and no one says anything on that."
http://tech.slashdot.org/comme...
"Apple and Google are doing the exact same things with iOS and Android"
http://tech.slashdot.org/comme...
"You guys really have such a big problem with this? Because Google and the NSA are doing far worse."
http://tech.slashdot.org/comme...
"how is this different from Google, Facebook or any cloud service"
All of these were posted AFTER my post about how we could expect to see a bunch of people saying this hop into the thread.
All of them posted AC.
When this is brought up nowadays, you can pretty much count on these posts showing up. Almost always as AC, and almost always singing you a song about how Resistance Is Futile and how Everyone Is Equally Bad. It's like a bullet point in a disinfo packet or something, it's creepy. And yea, they showed up on schedule.
So no, it's not a strawman or logical fallacy. It's a prediction of what would happen, that was proven true in this very thread. Watch for it next time man, you'll see.
"The real issue is directing outrage mostly at Microsoft when there are plenty of others who deserve criticism for their practices"
No, that's not the "real issue". As I've stated:
1- The fact that phones suck is not a good reasons for desktops to suck now too.
2- There's no inevitable progress or deals associated with spying or spyware, no benefit to the user.
3- Microsoft makes this stunningly hard- I would actually argue impossible- to turn off. Other OSes really DO have toggles that turn this off- Microsoft has a huge nest of options that don't fully disable it (for sure and for reals on Pro and Home, and maybe now on Enterprise).
4- People don't have the same types of data and programs on a phone as they do on a desktop. Those that make due with only a phone generally don't HAVE the features that a PC offers in their life.
5- Windows 10 is aggressively marketed to existing desktop users. Without reading pages of legalese you have no idea that you are transitioning from a desktop OS that you paid for into some new abortion where you are the product and your everything is available to analysis. I would argue this goes further- even a brand new PC purchase is often made with the assumption that what you have on your box is actually private.
> If you don't like Windows invading your privacy, you have the option to install Linux. Unlike your statement that Apple could modify their privacy policy at any time, that doesn't hold true for Linux.
I'm not trying to sell you an iphone dude. I'm just saying that if you buy a phone right now and you choose Apple, they are CURRENTLY doing the "right
Are you speaking about a problem that still exists in Windows Update for Win7 beyond the fix available in https://support.microsoft.com/... that is not a mandatory update? I've recently had to install this one myself (manually) to fix a computer that became utterly unusable while Windows Update was scanning for available updates. Its memory management is a joke.
Or stating things, we all now since a few days after the win10 release. Things we knew even in the beta, but hoped they would go away in the final version.
In some cases, Win10 never started working.
Speaking of dribblings, do you still fuck your dad on the weekends?
Lost at C:>. Found at C.
Lol, it's so easy to push your buttons, APK. All I have to do is...exist. :)
Prove your claim you worked for Microsoft blowhard.
I didn't, I worked for Microsoft Corporation. The Blowhard Division is down in California or someplace.
Just cruising through this digital world at 33 1/3 rpm...
Does it include SteamOS? I'm also not sure that it's there for FreeBSD
So, if a corporation can just make up its rights and decide how far over the line its allowed to go, and then bury these made up things and over-reaches in legalees, AND THEN tell me, "By opening this package and installing this software you agree to the terms of this agreement", AND asking me to click accept over and over again until I'm numb to the word AND remove my right to sell my purchased license to another party.... whats to stop ME from doing the same thing?
Mine says in the first sentence that it supersedes any and all agreements pertaining to my personal information, locations and activities relating to any piece of technology hardware I operate, binding or otherwise, with any person or corporation that does not have the same physical fingerprints as I do, and is subject to change, without notice, at any time.
At this point... I could maybe secure my system in the name of the COPY PROTECTION of my personal data.... just a little bit...just enough to make em accidentally try for it instead of just giving it to em. Then I just wait for %FACELESS_CORPORATION to find a way to circumvent my weak half-assed *copy protection* in some automated manner, THEN BAM! I cry foul... its off to the arbiter of my choosing for the damages of my choosing yadda yadda yadda.... Its all in the agreement you accepted when you sold me software! and now %FACELESS_CORPORATION has circumvented my fancy copy protections! DMCA time! More DAMAGES!
No more software for telemetry data trades? FINE. I remember the 90s, I got along just fine... I still don't carry a cell phone, I already run my own email server, and I have no problem reading my own freaking maps.
Uh oh.. I'm rambling now..
You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
They don't. But regardless of what OS I use, I can't read the firmware of my PC even if Dell or Acer gave it to me. But I picked an OS that is more reputable than Windows or Android/ChromeOS, and work on a trust basis. If that's betrayed down the line, I'll reconsider, but for now, I have no reason to treat them w/ suspicion.